Secrecy and Randomness: Encoding Cloud data Locally using a One-Time Pad

Tobin, Paul; Tobin, Lee; McKeever, Michael; Blackledge, Jonathan

Home // International Journal On Advances in Security, volume 10, numbers 3 and 4, 2017 // View article

Secrecy and Randomness: Encoding Cloud data Locally using a One-Time Pad

Authors:
Paul Tobin
Lee Tobin
Michael McKeever
Jonathan Blackledge

Keywords: Local encryption; GDPR; one-time pad; one-to-cloud; key distribution problem; chaos

Abstract:
There is no secrecy without randomness, and we address poor cloud security using an analogue chaotic one-time pad encryption system to achieve perfect secrecy. Local encoding returns control to the client and makes stored cloud data unreadable to an adversary. Most cloud service providers encode client data using public encryption algorithms, but ultimately businesses and organisations are responsible for encoding data locally before uploading to the Cloud. As recommended by the Cloud Security Alliance, companies employing authentication and local encryption will reduce or eliminate, EU fines for late data breach discoveries when the EU implements the new general data protection regulations in 2018. Companies failing to detect data breaches within a 72-hour limit will be fined up to four percent of their global annual turnover and estimates of several hundred billion euros could be levied in fines based on the present 146 days average EU breach discovery. The proposed localised encryption system is additional to public encryption, and obeying the rules of one-time pad encryption will mean intercepted encrypted data will be meaningless to an adversary. Furthermore, the encoder has no key distribution problem because applications for it are of ``one-to-cloud'' type.

Pages: 167 to 181

Publication date: December 31, 2017

Published in: journal

ISSN: 1942-2636